Wasm3
Source repositories
CVEs (14)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-15413 | Med | 0.34 | 5.3 | 0.00 | Jan 1, 2026 | A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function op_SetSlot_i32/op_CallIndirect of the file m3_exec.h. Performing a manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used.… | ||
| CVE-2025-15572 | Low | 0.21 | 3.3 | 0.00 | Feb 10, 2026 | A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no… | ||
| CVE-2025-6272 | Low | 0.21 | 3.3 | 0.00 | Jun 19, 2025 | A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of-bounds write. An attack has to be approached locally. The exploit has been… | ||
| CVE-2024-27530 | 0.00 | — | 0.00 | Nov 8, 2024 | wasm3 139076a contains a Use-After-Free in ForEachModule. | |||
| CVE-2024-27528 | 0.00 | — | 0.00 | Nov 8, 2024 | wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution. | |||
| CVE-2024-34246 | 0.00 | — | 0.01 | May 6, 2024 | wasm3 v0.5.0 was discovered to contain an out-of-bound memory read which leads to segmentation fault via the function "main" in wasm3/platforms/app/main.c. | |||
| CVE-2024-34252 | 0.00 | — | 0.01 | May 6, 2024 | wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3_compile.c. | |||
| CVE-2024-34249 | 0.00 | — | 0.01 | May 6, 2024 | wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c. | |||
| CVE-2022-44874 | 0.00 | — | 0.00 | Dec 13, 2022 | wasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h. | |||
| CVE-2022-28966 | 0.00 | — | 0.01 | Apr 16, 2022 | Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirectly from Compile_BranchTable in m3_compile.c). | |||
| CVE-2021-45947 | 0.00 | — | 0.01 | Dec 31, 2021 | Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments). | |||
| CVE-2021-45946 | 0.00 | — | 0.01 | Dec 31, 2021 | Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements). | |||
| CVE-2021-45929 | 0.00 | — | 0.01 | Dec 31, 2021 | Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If). | |||
| CVE-2021-38592 | 0.00 | — | 0.01 | Aug 12, 2021 | Wasm3 0.5.0 has a heap-based buffer overflow in op_Const64 (called from EvaluateExpression and m3_LoadModule). |
- risk 0.34cvss 5.3epss 0.00
A vulnerability was detected in wasm3 up to 0.5.0. Impacted is the function op_SetSlot_i32/op_CallIndirect of the file m3_exec.h. Performing a manipulation results in memory corruption. The attack needs to be approached locally. The exploit is now public and may be used.…
- risk 0.21cvss 3.3epss 0.00
A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. Unfortunately, the project has no…
- risk 0.21cvss 3.3epss 0.00
A vulnerability has been found in wasm3 0.5.0 and classified as problematic. This vulnerability affects the function MarkSlotAllocated of the file source/m3_compile.c. The manipulation leads to out-of-bounds write. An attack has to be approached locally. The exploit has been…
- CVE-2024-27530Nov 8, 2024risk 0.00cvss —epss 0.00
wasm3 139076a contains a Use-After-Free in ForEachModule.
- CVE-2024-27528Nov 8, 2024risk 0.00cvss —epss 0.00
wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution.
- CVE-2024-34246May 6, 2024risk 0.00cvss —epss 0.01
wasm3 v0.5.0 was discovered to contain an out-of-bound memory read which leads to segmentation fault via the function "main" in wasm3/platforms/app/main.c.
- CVE-2024-34252May 6, 2024risk 0.00cvss —epss 0.01
wasm3 v0.5.0 was discovered to contain a global buffer overflow which leads to segmentation fault via the function "PreserveRegisterIfOccupied" in wasm3/source/m3_compile.c.
- CVE-2024-34249May 6, 2024risk 0.00cvss —epss 0.01
wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c.
- CVE-2022-44874Dec 13, 2022risk 0.00cvss —epss 0.00
wasm3 commit 7890a2097569fde845881e0b352d813573e371f9 was discovered to contain a segmentation fault via the component op_CallIndirect at /m3_exec.h.
- CVE-2022-28966Apr 16, 2022risk 0.00cvss —epss 0.01
Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirectly from Compile_BranchTable in m3_compile.c).
- CVE-2021-45947Dec 31, 2021risk 0.00cvss —epss 0.01
Wasm3 0.5.0 has an out-of-bounds write in Runtime_Release (called from EvaluateExpression and InitDataSegments).
- CVE-2021-45946Dec 31, 2021risk 0.00cvss —epss 0.01
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from Compile_LoopOrBlock and CompileBlockStatements).
- CVE-2021-45929Dec 31, 2021risk 0.00cvss —epss 0.01
Wasm3 0.5.0 has an out-of-bounds write in CompileBlock (called from CompileElseBlock and Compile_If).
- CVE-2021-38592Aug 12, 2021risk 0.00cvss —epss 0.01
Wasm3 0.5.0 has a heap-based buffer overflow in op_Const64 (called from EvaluateExpression and m3_LoadModule).